<?php 

require_once('../includes/mysql.inc.php');
require_once('../includes/functions.inc.php');

session_start();

if(check_login_status()){ 
	redirect('../index.php');
} else { 
        if ( (!isset($_POST['username'])) || (!isset($_POST['password'])) OR (!ctype_alnum($_POST['username'])) ) { 
                redirect('../index.php'); 
       }
	   
$mysqli = @new mysqli($server, $user, $pass, $database);
  if (mysqli_connect_errno()){
	printf("Unable to connect to database: %s", mysqlo_connect_error());
	exit();
}
echo "pasfei";
$username = $mysqli->real_escape_string($_POST['username']); 
$password = $mysqli->real_escape_string($_POST['password']);

$sql = "SELECT * FROM tbusuarios WHERE login = '".$username."' AND senha = '".md5($password)."'";
$result = $mysqli->query($sql);
  
if (is_object($result) && $result->num_rows == 1) { 
  $_SESSION['logged_in'] = true; 
  redirect('../index.php'); 
  } else { 
  redirect('../login.php'); 
	} 
 }
?>
